OCTOBER IS NATIONAL CYBER SECURITY AWARENESS MONTH

Here are some general tips toward establishing good computing habits:

  • Be sure to have an up to date anti-virus package installed on your computer that updates its virus definitions automatically. UGA provides F-Secure Anti-Virus as a free download for faculty, staff, and students. The software is available for several different platforms at http://www.virus.uga.edu/.
  • Never open e-mail attachments unless you scan them first or set your scanner to do it automatically.
  • It's a good idea to have your e-mail program set to send and receive "plain text" rather than enriched or HTML files. Those can have hidden malware, programs that can cause trouble, lurking away.
  • Do not run, download or forward any unsolicited executables, documents, spreadsheets, etc. Anything that runs on your PC should be virus checked and approved first.
  • Any email you weren't expecting should be treated with suspicion, even if it comes from someone you know. It is worth calling whoever sent it to you to check that they intended to send you the email.
  • Do not open any files with a double file extension, (e.g. iamavirus.txt.vbs). Under normal circumstances you should never need to receive or use these.
  • All Windows operating systems, by default, hide the known file extensions in Windows Explorer. This feature can be used by virus writers and hackers to disguise malicious programs as some other file formats, such as text, video or audio files.
  • Keep security patches up-to-date on your computer. If there is no automatic update feature for your computer's operating system (OS), go to the OS manufacturer's Web site for the latest updates. A weekly check is good.
  • Be aware of what network services are running from your computer and disable all those not needed.
  • Keep informed about the latest network security risks, including programs that may enable your computer and the university's network to be used for illegal or commercial purposes.
  • All user accounts on a computer should have a strong password.
  • Your password should contain at least eight characters and should be something you can easily remember but not anything that people might associate with you, such as your name, friend's name, family member's names, pet's name, your initials or your name backwards. Also do not use birthdays, anniversaries or your login ID. Also, any word in any dictionary would be a bad choice for a password. Because passwords on many systems are case-sensitive, it's a good idea to use numbers, special characters and a mixture of upper and lowercase letters somewhere in the password to make it more difficult to guess. You may want to create a personal acronym, e.g. "Eagles may soar, but weasels don't get sucked into jet engines." = EmsbWdgsiJe. See University of Georgia Policies on Use of Computers: Passwords
  • Never write your password on a Post-It and stick it on your monitor, your address rolodex, under your desk pad, or anywhere else where it can be easily found. If you must write it down, keep it where no one can find it except for the authorized user.
  • BACK UP your critical files and information. This is the single most important action that you can take to assure that you will not suffer a catastrophic loss.
  • Desktop Computers systems are not intended to be anything other than client systems. Using them as servers through file sharing can be very hazardous to your files and information. NEVER make files available for sharing without password protection.
  • Check for updates to anti-virus applications and critical updates for your operating system and programs weekly. Many vendors provide automatic mechanisms for online updates.
  • Use a screensaver with a password.

 

Extracted from the University of Georgia InfoSec website.